diff --git a/sdk/identity/azure-identity/CHANGELOG.md b/sdk/identity/azure-identity/CHANGELOG.md index d8924a9a37c2..857d4f34bc8c 100644 --- a/sdk/identity/azure-identity/CHANGELOG.md +++ b/sdk/identity/azure-identity/CHANGELOG.md @@ -1,14 +1,8 @@ # Release History -## 1.12.0b2 (Unreleased) +## 1.12.0b2 (2022-10-11) -### Features Added - -### Breaking Changes - -### Bugs Fixed - -### Other Changes +1.12.0 release candidate ## 1.12.0b1 (2022-09-22) diff --git a/sdk/identity/azure-identity/azure/identity/_credentials/default.py b/sdk/identity/azure-identity/azure/identity/_credentials/default.py index 65b0698860d3..fe070278f9a9 100644 --- a/sdk/identity/azure-identity/azure/identity/_credentials/default.py +++ b/sdk/identity/azure-identity/azure/identity/_credentials/default.py @@ -14,6 +14,7 @@ from .managed_identity import ManagedIdentityCredential from .shared_cache import SharedTokenCacheCredential from .azure_cli import AzureCliCredential +from .vscode import VisualStudioCodeCredential try: @@ -54,6 +55,8 @@ class DefaultAzureCredential(ChainedTokenCredential): :keyword bool exclude_managed_identity_credential: Whether to exclude managed identity from the credential. Defaults to **False**. :keyword bool exclude_powershell_credential: Whether to exclude Azure PowerShell. Defaults to **False**. + :keyword bool exclude_visual_studio_code_credential: Whether to exclude stored credential from VS Code. + Defaults to **True**. :keyword bool exclude_shared_token_cache_credential: Whether to exclude the shared token cache. Defaults to **False**. :keyword bool exclude_interactive_browser_credential: Whether to exclude interactive browser authentication (see @@ -69,6 +72,10 @@ class DefaultAzureCredential(ChainedTokenCredential): Defaults to the value of environment variable AZURE_USERNAME, if any. :keyword str shared_cache_tenant_id: Preferred tenant for :class:`~azure.identity.SharedTokenCacheCredential`. Defaults to the value of environment variable AZURE_TENANT_ID, if any. + :keyword str visual_studio_code_tenant_id: Tenant ID to use when authenticating with + :class:`~azure.identity.VisualStudioCodeCredential`. Defaults to the "Azure: Tenant" setting in VS Code's user + settings or, when that setting has no value, the "organizations" tenant, which supports only Azure Active + Directory work or school accounts. """ def __init__(self, **kwargs): @@ -78,6 +85,15 @@ def __init__(self, **kwargs): authority = kwargs.pop("authority", None) + vscode_tenant_id = kwargs.pop( + "visual_studio_code_tenant_id", os.environ.get(EnvironmentVariables.AZURE_TENANT_ID) + ) + vscode_args = dict(kwargs) + if authority: + vscode_args["authority"] = authority + if vscode_tenant_id: + vscode_args["tenant_id"] = vscode_tenant_id + authority = normalize_authority(authority) if authority else get_default_authority() interactive_browser_tenant_id = kwargs.pop( @@ -97,6 +113,7 @@ def __init__(self, **kwargs): exclude_environment_credential = kwargs.pop("exclude_environment_credential", False) exclude_managed_identity_credential = kwargs.pop("exclude_managed_identity_credential", False) exclude_shared_token_cache_credential = kwargs.pop("exclude_shared_token_cache_credential", False) + exclude_visual_studio_code_credential = kwargs.pop("exclude_visual_studio_code_credential", True) exclude_cli_credential = kwargs.pop("exclude_cli_credential", False) exclude_interactive_browser_credential = kwargs.pop("exclude_interactive_browser_credential", True) exclude_powershell_credential = kwargs.pop("exclude_powershell_credential", False) @@ -115,6 +132,8 @@ def __init__(self, **kwargs): credentials.append(shared_cache) except Exception as ex: # pylint:disable=broad-except _LOGGER.info("Shared token cache is unavailable: '%s'", ex) + if not exclude_visual_studio_code_credential: + credentials.append(VisualStudioCodeCredential(**vscode_args)) if not exclude_cli_credential: credentials.append(AzureCliCredential()) if not exclude_powershell_credential: diff --git a/sdk/identity/azure-identity/azure/identity/aio/_credentials/default.py b/sdk/identity/azure-identity/azure/identity/aio/_credentials/default.py index 3042cfb11a62..e7270e9ef7e9 100644 --- a/sdk/identity/azure-identity/azure/identity/aio/_credentials/default.py +++ b/sdk/identity/azure-identity/azure/identity/aio/_credentials/default.py @@ -14,6 +14,7 @@ from .environment import EnvironmentCredential from .managed_identity import ManagedIdentityCredential from .shared_cache import SharedTokenCacheCredential +from .vscode import VisualStudioCodeCredential if TYPE_CHECKING: from typing import Any, List @@ -47,6 +48,8 @@ class DefaultAzureCredential(ChainedTokenCredential): :keyword bool exclude_environment_credential: Whether to exclude a service principal configured by environment variables from the credential. Defaults to **False**. :keyword bool exclude_powershell_credential: Whether to exclude Azure PowerShell. Defaults to **False**. + :keyword bool exclude_visual_studio_code_credential: Whether to exclude stored credential from VS Code. + Defaults to **True**. :keyword bool exclude_managed_identity_credential: Whether to exclude managed identity from the credential. Defaults to **False**. :keyword bool exclude_shared_token_cache_credential: Whether to exclude the shared token cache. Defaults to @@ -57,6 +60,10 @@ class DefaultAzureCredential(ChainedTokenCredential): Defaults to the value of environment variable AZURE_USERNAME, if any. :keyword str shared_cache_tenant_id: Preferred tenant for :class:`~azure.identity.aio.SharedTokenCacheCredential`. Defaults to the value of environment variable AZURE_TENANT_ID, if any. + :keyword str visual_studio_code_tenant_id: Tenant ID to use when authenticating with + :class:`~azure.identity.aio.VisualStudioCodeCredential`. Defaults to the "Azure: Tenant" setting in VS Code's + user settings or, when that setting has no value, the "organizations" tenant, which supports only Azure Active + Directory work or school accounts. """ def __init__(self, **kwargs: "Any") -> None: @@ -65,6 +72,15 @@ def __init__(self, **kwargs: "Any") -> None: authority = kwargs.pop("authority", None) + vscode_tenant_id = kwargs.pop( + "visual_studio_code_tenant_id", os.environ.get(EnvironmentVariables.AZURE_TENANT_ID) + ) + vscode_args = dict(kwargs) + if authority: + vscode_args["authority"] = authority + if vscode_tenant_id: + vscode_args["tenant_id"] = vscode_tenant_id + authority = normalize_authority(authority) if authority else get_default_authority() shared_cache_username = kwargs.pop("shared_cache_username", os.environ.get(EnvironmentVariables.AZURE_USERNAME)) @@ -76,6 +92,11 @@ def __init__(self, **kwargs: "Any") -> None: "managed_identity_client_id", os.environ.get(EnvironmentVariables.AZURE_CLIENT_ID) ) + vscode_tenant_id = kwargs.pop( + "visual_studio_code_tenant_id", os.environ.get(EnvironmentVariables.AZURE_TENANT_ID) + ) + + exclude_visual_studio_code_credential = kwargs.pop("exclude_visual_studio_code_credential", True) exclude_cli_credential = kwargs.pop("exclude_cli_credential", False) exclude_environment_credential = kwargs.pop("exclude_environment_credential", False) exclude_managed_identity_credential = kwargs.pop("exclude_managed_identity_credential", False) @@ -96,6 +117,8 @@ def __init__(self, **kwargs: "Any") -> None: credentials.append(shared_cache) except Exception as ex: # pylint:disable=broad-except _LOGGER.info("Shared token cache is unavailable: '%s'", ex) + if not exclude_visual_studio_code_credential: + credentials.append(VisualStudioCodeCredential(**vscode_args)) if not exclude_cli_credential: credentials.append(AzureCliCredential()) if not exclude_powershell_credential: